US20040059919A1 - Security system for preventing a personal computer from being used by an unauthorized people - Google Patents

Security system for preventing a personal computer from being used by an unauthorized people Download PDF

Info

Publication number
US20040059919A1
US20040059919A1 US10/250,722 US25072203A US2004059919A1 US 20040059919 A1 US20040059919 A1 US 20040059919A1 US 25072203 A US25072203 A US 25072203A US 2004059919 A1 US2004059919 A1 US 2004059919A1
Authority
US
United States
Prior art keywords
extractable
security
main
computer device
piece
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US10/250,722
Other versions
US7228430B2 (en
Inventor
Alain Benayoun
Jacques Fieschi
Jean-Francois Le Pennec
Pascal Roy
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lenovo PC International Ltd
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Assigned to INTERNATIONAL BUSINESS MACHINES CORPORATION reassignment INTERNATIONAL BUSINESS MACHINES CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: FIESCHI, JACQUES, LE PENNEC, JEAN-FRANCOIS, ROY, PASCOL, BENAYOUN, ALAIN
Publication of US20040059919A1 publication Critical patent/US20040059919A1/en
Assigned to LENOVO (SINGAPORE) PTE LTD. reassignment LENOVO (SINGAPORE) PTE LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: INTERNATIONAL BUSINESS MACHINES CORPORATION
Application granted granted Critical
Publication of US7228430B2 publication Critical patent/US7228430B2/en
Assigned to LENOVO PC INTERNATIONAL reassignment LENOVO PC INTERNATIONAL NUNC PRO TUNC ASSIGNMENT (SEE DOCUMENT FOR DETAILS). Assignors: LENOVO (SINGAPORE) PTE LTD.
Adjusted expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards

Definitions

  • the present invention relates to a system and method for preventing computer devices from being stolen or hacked, and relates more particularly to a security system for preventing unauthorized use of a personal computer.
  • passwords are still the most common security tools; they are also the most abused, and often the easiest for an attacker to break.
  • Passwords present a kind of security paradox.
  • the best passwords are the most difficult to guess: long and random. Unfortunately, these are also the most difficult to remember.
  • most experts strongly recommend using different passwords for each e-mail, e-commerce, or other account, and changing the passwords regularly. As a result, most people either choose passwords that are easily guessed, or write them down where they can be copied or stolen.
  • password safes These programs provide a space to store long, complex, random passwords, and then encrypt the passwords so that they cannot be stolen. Some password safes generate random passwords for the user and store these on a local disk that also has a password access protection.
  • PKI cryptography a user has a pair of keys: public and private. As their names suggest, the private key is kept private, while the public key is distributed to other users. The owner of the private key never shares the private key with anyone.
  • the public and private keys of a particular user are related via complex mathematical structures that inexorably link one key with the other. This relationship is crucial to making public/private key-based encryption work.
  • the public key is used as the basis for encrypting a message, while the private key is necessary for the recipient to decrypt the encrypted message. Only the bearer of the private key can decrypt the message. Even the person who did the encrypting cannot decrypt the message he just encrypted, because he does not know the private key.
  • the keys of an asymmetric cryptosystem for digital signatures are termed the private key, which is known only by the signer and which is used to create the digital signature, and the public key, which is ordinarily more widely known and which is used to verify the digital signature.
  • a recipient must have the corresponding public key in order to verify that a digital signature is the signer's.
  • the public key must be widely distributed, perhaps by publication in an on-line repository or directory.
  • an object of the invention is to provide a security system based upon the Public Key Infrastructure (PKI) preventing unauthorized use of a computer device.
  • PKI Public Key Infrastructure
  • a security system includes an extractable security piece, which is a piece of the main computer device that can be removed by the authorized user.
  • the extractable security piece includes at least an extractable main private key and a main PC public key.
  • a PC security area which is a non-extractable part of the computer device, contains at least a PC private key and an extractable main public key.
  • the PC private key and the extractable main public key work together according to a Public Key Infrastructure (PKI).
  • PKI Public Key Infrastructure
  • Processing means in both the extractable security piece and the PC security area carry out a mutual authentication of the extractable security piece and the PC security area after the extractable security piece, which had been previously removed, has been reinserted, thereby enabling the authorized user to access data stored in the computer device.
  • FIG. 1 is a block diagram representing the security system according to the invention, including the extractable security piece, the PC security area, and its link with the computer device.
  • FIG. 2 is a schematic representation of the interactions between the extractable security piece, the PC security area, and the computer device when the extractable security piece is installed on the main computer device.
  • FIG. 3 is a schematic representation of the interactions between the main extractable security piece, the PC security area, a guest extractable security piece, and the computer device when a guest extractable security piece is installed on the main computer device.
  • FIG. 4 is a schematic representation of interactions between the extractable security piece, the main PC security area, a guest PC security area, and the main and guest computer devices when the main extractable security piece is installed on a remote computer device.
  • the invention includes the use of an extractable security piece 10 and a PC security area 12 in combination.
  • the computer device 38 Without the extractable security piece 10 , the computer device 38 and all included or attached devices such as memory, hard disk, and various peripherals cannot be used.
  • the extractable security piece 10 may be a keyboard key or an integrated mouse button, a block containing a small display screen or an LED area, or a PCMCIA card. In the latter case, one of the PCMCIA slots is preempted, and cannot be used for other purposes.
  • the PC security area 12 may be any part of the computer device 38 hardware/firmware including the operating system and the installed applications. This PC security area 12 is generally included in the computer device motherboard, or another mandatory board or card in the computer device 38 , and cannot be removed.
  • the extractable security piece 10 includes a processor 14 , which may be a microprocessor having an integrated communication port, a memory 16 protected against external read (which might be a memory integrated within processor 14 ), and a PKI checker 18 , which may be a software application used by the processor 14 to encrypt or authenticate data sent to PC security area 12 .
  • Protected memory 16 includes an extractable private key 20 , (A PC Public Key 22 public key of the computer device 38 ), and other keys or passwords 24 .
  • PC security area 12 includes a processor 26 which communicates with processor 14 via a communication port, a PKI checker 28 which may be a software application used to encrypt or authenticate data sent to extractable security piece 10 , and a protected memory 30 , which may be integrated within processor 26 .
  • the protected memory 30 contains an extractable public key 32 (the public key of the extractable security piece 10 ), a PC private key 34 , and other keys or passwords 36 .
  • processor 26 may open access to the computer device 38 by its I/O bus for OS or application password checking, application authentication, or encryption. Furthermore, computer device 38 may open communication to processor 26 for validating external users such as remote users.
  • the protected memory 16 of extractable security piece 10 includes a set of storage areas as shown in FIG. 2.
  • the storage areas may contain keys, full certificates including keys, or password areas.
  • the storage areas of protected memory 16 may contain the following:
  • EXTRACTABLE MAIN PRIVATE KEY 40 which is the private key that uniquely identifies the extractable security piece 10 . It is similar to a serial number but much more complex, and is not readable.
  • the extractable main private key 40 is used by the extractable security piece 10 to identify itself to the computer device 38 and to allow the computer device 38 to send encrypted messages to the extractable security piece 10 which can be decrypted only with knowledge of the extractable main private key 40 .
  • MAIN PC PUBLIC KEY 42 which is the public key that corresponds to the computer device 38 , and which is used to encrypt messages sent to the PC security area 12 , such as requests to authorize the use of the security piece 10 in this environment.
  • the main PC public key is also used to authenticate messages coming from the PC security area 12 .
  • SHARED PRIVATE KEY 44 which is a private key that is generated by the user and transmitted to other extractable security pieces that will be recognized by computer device 38 for some applications as explained hereafter.
  • LOCAL PC PUBLIC KEY 46 which is the PC public key used to identify the extractable security piece 10 to a computer device that is not the computer device 38 to which this extractable security piece belongs.
  • EXTRACTABLE LOCAL PRIVATE KEY 48 which is a private key that uniquely identifies an extractable security piece put on a computer device which is not the computer device to which this particular extractable security piece belongs. This key together with LOCAL PC PUBLIC KEY 46 form a set of keys corresponding to a possible guest computer device as explained hereafter. These keys may be duplicated to allow multiple computer device attachment.
  • MAIN PASSWORD AREA 50 which contains the passwords necessary for use in local attachment with the computer device 38 or for remote attachment.
  • LOCAL PASSWORD AREA 52 which is used in guest mode when the extractable security piece 10 is authorized on another computer device as explained below. The authorized user may want to keep all its passwords on the extractable security piece 10 and not on the computer device 38 itself.
  • APPLICATION PRIVATE KEY 54 which is a key that can be used for some applications such as building secure IPSec tunnels. It can also be used to implement the PKI procedure for performing encryption and/or authentication. More than one such field may be included in the extractable security piece 10 .
  • the protected memory 30 of the PC security area 12 may include functions similar to the ones which may be included in the protected memory 16 of the extractable security piece 12 .
  • the storage areas of protected memory 30 may contain the following:
  • EXTRACTABLE MAIN PUBLIC KEY 56 which is the public key of the extractable security piece 10 , and which is used by the computer device 38 to send encrypted messages that are decrypted by the extractable security piece 10 using the MAIN PC PUBLIC KEY 42 .
  • PC PUBLIC KEY 60 which is the public key of the computer device 38 and which is used by the computer device 38 to send encrypted messages to other external devices. This key may be identical to the MAIN PC PUBLIC KEY 42 of the extractable security piece 10 . It is in fact identical if the extractable security piece 10 is the one which corresponds to the computer device 38 (main computer device with main security piece).
  • TEMP KEY AREA 62 which may contain a temporary key used to store a private key when another extractable security piece is put on the main computer device 38 as explained below.
  • SHARED PUBLIC KEY 64 which is a public key that is transmitted to another extractable security piece put on the main computer device 38 as explained below.
  • PC PASSWORD AREA 66 which contains the PC passwords that may be exchanged with passwords stored in MAIN PASSWORD AREA 50 of the extractable security piece 10 or which may be used to update these passwords.
  • the computer device 38 includes OS LOGON 68 , which is the operating system logon that validates the login password through a compare on the contents of either PC PASSWORD AREA 66 or MAIN PASSWORD AREA 50 when the extractable security piece 10 has been recognized.
  • the computer device 38 also includes APPLICATION LOGON 70 , which is used when an application needs a password which is in MAIN PASSWORD AREA 50 within the extractable security piece 10 , and PKI APPLICATION 72 , which uses APPLICATION PRIVATE KEY 54 also within the extractable security piece 10 .
  • FIG. 3 illustrates the case where another extractable security piece is used with the computer device 38 in place of the main extractable security piece.
  • the first step is to insert the main extractable security piece into main computer device 38 .
  • the extractable security piece 10 is authenticated as already mentioned using the EXT MAIN PRIVATE KEY 40 and EXT MAIN PUBLIC KEY 56 on the one hand, and the MAIN PUBLIC KEY 42 and PC PRIVATE KEY 58 on the other hand.
  • the SHARED PRIVATE KEY 44 within the protected memory 16 of the main extractable security piece 10 is copied into TEMP KEY AREA 62 of the protected memory 30 of the PC security area 12 .
  • the main extractable security piece 10 may then be removed from the computer device 38 , and replaced by the guest extractable security piece.
  • the identity of the guest security piece can be checked by its external serial number and by the server which stores the corresponding public key.
  • the computer device 38 stores its PC PUBLIC KEY 60 into the protected memory 76 of the guest extractable security piece as the LOCAL PC PUBLIC KEY 78 in order to complete the bi-directional secure link. Once this link is established, the local password area 80 of the guest extractable security piece can be used via PC PASSWORD AREA 66 of the computer device 38 for OS GUEST LOGON 82 of the computer device 38 .
  • FIG. 4 Another application of the invention is when the main extractable security piece 10 is inserted into a remote computer device or a guest computer device.
  • the process to be implemented for such a case is illustrated in FIG. 4, wherein the bi-directional arrows represent the relationships between entities, and the bus represents data transfer. Note that the references used in FIG. 2 have been kept when such references designate the same entities such as the different areas of the main extractable security piece 10 or the PC security area 12 of the main computer device 38 .
  • the extractable security piece 10 connects with the guest computer device security area using the EXT MAIN PRIVATE KEY 40 to transmit the corresponding public key to the REMOTE TEMP KEY AREA 90 that will now contain the EXT MAIN PUBLIC KEY.
  • Private and public keys are generated simultaneously.
  • the public key may be provided to external devices without risk. Even if the remote computer device is not well known, there is little risk in giving it the Public key.
  • each user may define rules to change both private and public keys regularly, and may update other equipment also to replace an old public key with a new one.
  • the update and key transmissions between different entities may be done using certificates, which contain the device ID and the public key. These certificates are certified by Certificate Authority (CA) servers, which are trusted entities. Such CA servers can therefore be used as authentication servers. They know, for example, all public keys of all devices of a customer, and can therefore allow them to communicate securely. A rule may be to trust only certificates issued by this CA. Using this method, the remote computer may verify ownership of the public key.
  • CA Certificate Authority
  • the extractable security piece needs to receive the PC public key to securely communicate with the remote computer device.
  • the remote computer device transfers its REMOTE PC PUBLIC KEY 86 (matching the REMOTE PC PRIVATE KEY 88 ) into field LOCAL PC PUBLIC KEY 46 located in the protected memory 16 of the extractable security piece 10 .
  • secure communications can be established between the remote computer device and the extractable security piece 10 .
  • the user may then logon as a guest into the remote computer device, using a profile that allows remote connection.
  • One type of connection may be to connect to the CA to verify the identity of the remote computer device before doing more in this environment. In that case, the REMOTE PC PUBLIC KEY 86 is verified.
  • An object of such interconnection is to provide the user with access to the main computer device 38 in a secure way.
  • the connection to the main PC security area 12 is established using the main set of keys as described in FIG. 1: EXT MAIN PRIVATE KEY 40 and MAIN PUBLIC KEY 42 on the security piece side, and EXT MAIN PUBLIC KEY 56 and PC PRIVATE KEY 58 on the main computer device side.
  • EXT MAIN PRIVATE KEY 40 and MAIN PUBLIC KEY 42 on the security piece side
  • EXT MAIN PUBLIC KEY 56 and PC PRIVATE KEY 58 on the main computer device side.
  • PKI APPLICATION 72 may use the key stored in APPLICATION PRIVATE KEY 54 with the help of PKI checkers that are not represented in FIG. 4 but which are present on each extractable security piece and each PC security area.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Alarm Systems (AREA)

Abstract

A security system for preventing unauthorized use of a computer device. An extractable security piece includes an extractable main private key and a main PC public key. A PC security area which is a non-extractable part of the computer device includes a PC private key and an extractable main public key, which, together with the keys of the extractable security piece, constitute a Public Key Infrastructure. The extractable security piece and the PC security area include processing means for mutual authentication of the extractable security piece and the PC security area after the extractable security piece, which had been previously removed, has been reinserted in the computer device, thereby enabling the authorized user to access data stored in the computer device.

Description

    FIELD OF THE INVENTION
  • The present invention relates to a system and method for preventing computer devices from being stolen or hacked, and relates more particularly to a security system for preventing unauthorized use of a personal computer. [0001]
    • BACKGROUND
  • Because computer devices such as personal computers, portable computers, and other handheld devices are targets for hackers and thieves, passwords are used to protect their vital data and to prevent the computer from being used by unauthorized people. Passwords often work in conjunction with encryption and authentication keys that are used to establish secure communications between computers. It is possible today to install a program in the computer that will encrypt sensitive data so that these data cannot be read by anyone who does not have the unlocking key. It is necessary, however, to store the key somewhere, and there is a constant risk that it will be found. [0002]
  • Despite the continuing development of new technologies, passwords are still the most common security tools; they are also the most abused, and often the easiest for an attacker to break. Passwords present a kind of security paradox. The best passwords are the most difficult to guess: long and random. Unfortunately, these are also the most difficult to remember. Moreover, most experts strongly recommend using different passwords for each e-mail, e-commerce, or other account, and changing the passwords regularly. As a result, most people either choose passwords that are easily guessed, or write them down where they can be copied or stolen. [0003]
  • One answer to this conundrum is to use password safes. These programs provide a space to store long, complex, random passwords, and then encrypt the passwords so that they cannot be stolen. Some password safes generate random passwords for the user and store these on a local disk that also has a password access protection. [0004]
  • Secure transmission may be provided by using Public Key Infrastructure (PKI) cryptography. In PKI cryptography, a user has a pair of keys: public and private. As their names suggest, the private key is kept private, while the public key is distributed to other users. The owner of the private key never shares the private key with anyone. The public and private keys of a particular user are related via complex mathematical structures that inexorably link one key with the other. This relationship is crucial to making public/private key-based encryption work. [0005]
  • The public key is used as the basis for encrypting a message, while the private key is necessary for the recipient to decrypt the encrypted message. Only the bearer of the private key can decrypt the message. Even the person who did the encrypting cannot decrypt the message he just encrypted, because he does not know the private key. [0006]
  • For digital signatures, two different keys are generally used, one for creating a digital signature or transforming data into a seemingly unintelligible form, and another key for verifying a digital signature or returning the message to its original form. Computer equipment and software using two such keys is often termed an “asymmetric cryptosystem.”[0007]
  • The keys of an asymmetric cryptosystem for digital signatures are termed the private key, which is known only by the signer and which is used to create the digital signature, and the public key, which is ordinarily more widely known and which is used to verify the digital signature. A recipient must have the corresponding public key in order to verify that a digital signature is the signer's. When many people need to verify the signer's digital signature, the public key must be widely distributed, perhaps by publication in an on-line repository or directory. [0008]
  • Although the keys of the pair are mathematically related, it is computationally infeasible to derive one key from the other, if the asymmetric cryptosystem has been designed and implemented properly. Consequently, although many people may know the public key of a given signer and use it to verify his or her digital signature, they cannot discover the signer's private key and use it to forge the digital signature. [0009]
    • SUMMARY
  • Accordingly, an object of the invention is to provide a security system based upon the Public Key Infrastructure (PKI) preventing unauthorized use of a computer device. [0010]
  • A security system according to the invention includes an extractable security piece, which is a piece of the main computer device that can be removed by the authorized user. The extractable security piece includes at least an extractable main private key and a main PC public key. A PC security area, which is a non-extractable part of the computer device, contains at least a PC private key and an extractable main public key. The PC private key and the extractable main public key work together according to a Public Key Infrastructure (PKI). Processing means in both the extractable security piece and the PC security area carry out a mutual authentication of the extractable security piece and the PC security area after the extractable security piece, which had been previously removed, has been reinserted, thereby enabling the authorized user to access data stored in the computer device.[0011]
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The above and other objects, features, and advantages of the invention will be better understood by reading the following more particular description of the invention in conjunction with the accompanying drawings wherein: [0012]
  • FIG. 1 is a block diagram representing the security system according to the invention, including the extractable security piece, the PC security area, and its link with the computer device. [0013]
  • FIG. 2 is a schematic representation of the interactions between the extractable security piece, the PC security area, and the computer device when the extractable security piece is installed on the main computer device. [0014]
  • FIG. 3 is a schematic representation of the interactions between the main extractable security piece, the PC security area, a guest extractable security piece, and the computer device when a guest extractable security piece is installed on the main computer device. [0015]
  • FIG. 4 is a schematic representation of interactions between the extractable security piece, the main PC security area, a guest PC security area, and the main and guest computer devices when the main extractable security piece is installed on a remote computer device.[0016]
    • DETAILED DESCRIPTION
  • As shown in FIG. 1, the invention includes the use of an [0017] extractable security piece 10 and a PC security area 12 in combination. Without the extractable security piece 10, the computer device 38 and all included or attached devices such as memory, hard disk, and various peripherals cannot be used. The extractable security piece 10 may be a keyboard key or an integrated mouse button, a block containing a small display screen or an LED area, or a PCMCIA card. In the latter case, one of the PCMCIA slots is preempted, and cannot be used for other purposes. The PC security area 12 may be any part of the computer device 38 hardware/firmware including the operating system and the installed applications. This PC security area 12 is generally included in the computer device motherboard, or another mandatory board or card in the computer device 38, and cannot be removed.
  • The [0018] extractable security piece 10 includes a processor 14, which may be a microprocessor having an integrated communication port, a memory 16 protected against external read (which might be a memory integrated within processor 14), and a PKI checker 18, which may be a software application used by the processor 14 to encrypt or authenticate data sent to PC security area 12. Protected memory 16 includes an extractable private key 20, (A PC Public Key 22 public key of the computer device 38), and other keys or passwords 24.
  • Similarly, [0019] PC security area 12 includes a processor 26 which communicates with processor 14 via a communication port, a PKI checker 28 which may be a software application used to encrypt or authenticate data sent to extractable security piece 10, and a protected memory 30, which may be integrated within processor 26. The protected memory 30 contains an extractable public key 32 (the public key of the extractable security piece 10), a PC private key 34, and other keys or passwords 36.
  • When the [0020] extractable security piece 10, which had been previously removed from the computer device 38 by the authorized user, is reinserted into its proper location within the computer device 38, a mutual authentication with the PC security area 12 is automatically performed as explained below. When this checking is completed, processor 26 may open access to the computer device 38 by its I/O bus for OS or application password checking, application authentication, or encryption. Furthermore, computer device 38 may open communication to processor 26 for validating external users such as remote users.
  • The protected [0021] memory 16 of extractable security piece 10 includes a set of storage areas as shown in FIG. 2. The storage areas may contain keys, full certificates including keys, or password areas. In particular, the storage areas of protected memory 16 may contain the following:
  • EXTRACTABLE [0022] MAIN PRIVATE KEY 40, which is the private key that uniquely identifies the extractable security piece 10. It is similar to a serial number but much more complex, and is not readable. The extractable main private key 40 is used by the extractable security piece 10 to identify itself to the computer device 38 and to allow the computer device 38 to send encrypted messages to the extractable security piece 10 which can be decrypted only with knowledge of the extractable main private key 40.
  • MAIN [0023] PC PUBLIC KEY 42, which is the public key that corresponds to the computer device 38, and which is used to encrypt messages sent to the PC security area 12, such as requests to authorize the use of the security piece 10 in this environment. The main PC public key is also used to authenticate messages coming from the PC security area 12.
  • SHARED [0024] PRIVATE KEY 44, which is a private key that is generated by the user and transmitted to other extractable security pieces that will be recognized by computer device 38 for some applications as explained hereafter.
  • LOCAL [0025] PC PUBLIC KEY 46, which is the PC public key used to identify the extractable security piece 10 to a computer device that is not the computer device 38 to which this extractable security piece belongs.
  • EXTRACTABLE [0026] LOCAL PRIVATE KEY 48, which is a private key that uniquely identifies an extractable security piece put on a computer device which is not the computer device to which this particular extractable security piece belongs. This key together with LOCAL PC PUBLIC KEY 46 form a set of keys corresponding to a possible guest computer device as explained hereafter. These keys may be duplicated to allow multiple computer device attachment.
  • [0027] MAIN PASSWORD AREA 50, which contains the passwords necessary for use in local attachment with the computer device 38 or for remote attachment.
  • [0028] LOCAL PASSWORD AREA 52, which is used in guest mode when the extractable security piece 10 is authorized on another computer device as explained below. The authorized user may want to keep all its passwords on the extractable security piece 10 and not on the computer device 38 itself.
  • [0029] APPLICATION PRIVATE KEY 54, which is a key that can be used for some applications such as building secure IPSec tunnels. It can also be used to implement the PKI procedure for performing encryption and/or authentication. More than one such field may be included in the extractable security piece 10.
  • The protected [0030] memory 30 of the PC security area 12 may include functions similar to the ones which may be included in the protected memory 16 of the extractable security piece 12. In particular, the storage areas of protected memory 30 may contain the following:
  • EXTRACTABLE [0031] MAIN PUBLIC KEY 56, which is the public key of the extractable security piece 10, and which is used by the computer device 38 to send encrypted messages that are decrypted by the extractable security piece 10 using the MAIN PC PUBLIC KEY 42.
  • [0032] PC PUBLIC KEY 60, which is the public key of the computer device 38 and which is used by the computer device 38 to send encrypted messages to other external devices. This key may be identical to the MAIN PC PUBLIC KEY 42 of the extractable security piece 10. It is in fact identical if the extractable security piece 10 is the one which corresponds to the computer device 38 (main computer device with main security piece).
  • [0033] TEMP KEY AREA 62, which may contain a temporary key used to store a private key when another extractable security piece is put on the main computer device 38 as explained below.
  • SHARED [0034] PUBLIC KEY 64, which is a public key that is transmitted to another extractable security piece put on the main computer device 38 as explained below.
  • [0035] PC PASSWORD AREA 66, which contains the PC passwords that may be exchanged with passwords stored in MAIN PASSWORD AREA 50 of the extractable security piece 10 or which may be used to update these passwords.
  • The [0036] computer device 38 includes OS LOGON 68, which is the operating system logon that validates the login password through a compare on the contents of either PC PASSWORD AREA 66 or MAIN PASSWORD AREA 50 when the extractable security piece 10 has been recognized. The computer device 38 also includes APPLICATION LOGON 70, which is used when an application needs a password which is in MAIN PASSWORD AREA 50 within the extractable security piece 10, and PKI APPLICATION 72, which uses APPLICATION PRIVATE KEY 54 also within the extractable security piece 10.
  • FIG. 3 illustrates the case where another extractable security piece is used with the [0037] computer device 38 in place of the main extractable security piece. In such a case, the first step is to insert the main extractable security piece into main computer device 38. The extractable security piece 10 is authenticated as already mentioned using the EXT MAIN PRIVATE KEY 40 and EXT MAIN PUBLIC KEY 56 on the one hand, and the MAIN PUBLIC KEY 42 and PC PRIVATE KEY 58 on the other hand.
  • Then, the [0038] SHARED PRIVATE KEY 44 within the protected memory 16 of the main extractable security piece 10 is copied into TEMP KEY AREA 62 of the protected memory 30 of the PC security area 12. The main extractable security piece 10 may then be removed from the computer device 38, and replaced by the guest extractable security piece. Of course, the identity of the guest security piece can be checked by its external serial number and by the server which stores the corresponding public key.
  • The key within [0039] TEMP KEY AREA 62 of protected memory 30 is loaded into an EXT LOCAL PRIVATE KEY 74 within a protected memory 76 of the guest extractable security piece as shown in FIG. 3. Therefore, the EXT LOCAL PRIVATE KEY 74 of the guest extractable security piece matches the SHARED PUBLIC KEY 64 of the computer device 38.
  • Finally, the [0040] computer device 38 stores its PC PUBLIC KEY 60 into the protected memory 76 of the guest extractable security piece as the LOCAL PC PUBLIC KEY 78 in order to complete the bi-directional secure link. Once this link is established, the local password area 80 of the guest extractable security piece can be used via PC PASSWORD AREA 66 of the computer device 38 for OS GUEST LOGON 82 of the computer device 38.
  • Another application of the invention is when the main [0041] extractable security piece 10 is inserted into a remote computer device or a guest computer device. The process to be implemented for such a case is illustrated in FIG. 4, wherein the bi-directional arrows represent the relationships between entities, and the bus represents data transfer. Note that the references used in FIG. 2 have been kept when such references designate the same entities such as the different areas of the main extractable security piece 10 or the PC security area 12 of the main computer device 38.
  • The [0042] extractable security piece 10 connects with the guest computer device security area using the EXT MAIN PRIVATE KEY 40 to transmit the corresponding public key to the REMOTE TEMP KEY AREA 90 that will now contain the EXT MAIN PUBLIC KEY.
  • Private and public keys are generated simultaneously. The public key may be provided to external devices without risk. Even if the remote computer device is not well known, there is little risk in giving it the Public key. In addition, each user may define rules to change both private and public keys regularly, and may update other equipment also to replace an old public key with a new one. [0043]
  • The update and key transmissions between different entities may be done using certificates, which contain the device ID and the public key. These certificates are certified by Certificate Authority (CA) servers, which are trusted entities. Such CA servers can therefore be used as authentication servers. They know, for example, all public keys of all devices of a customer, and can therefore allow them to communicate securely. A rule may be to trust only certificates issued by this CA. Using this method, the remote computer may verify ownership of the public key. [0044]
  • The extractable security piece needs to receive the PC public key to securely communicate with the remote computer device. The remote computer device transfers its REMOTE PC PUBLIC KEY [0045] 86 (matching the REMOTE PC PRIVATE KEY 88) into field LOCAL PC PUBLIC KEY 46 located in the protected memory 16 of the extractable security piece 10. At this step, secure communications can be established between the remote computer device and the extractable security piece 10. The user may then logon as a guest into the remote computer device, using a profile that allows remote connection.
  • One type of connection may be to connect to the CA to verify the identity of the remote computer device before doing more in this environment. In that case, the REMOTE [0046] PC PUBLIC KEY 86 is verified.
  • An object of such interconnection is to provide the user with access to the [0047] main computer device 38 in a secure way. The connection to the main PC security area 12 is established using the main set of keys as described in FIG. 1: EXT MAIN PRIVATE KEY 40 and MAIN PUBLIC KEY 42 on the security piece side, and EXT MAIN PUBLIC KEY 56 and PC PRIVATE KEY 58 on the main computer device side. There is no possibility for the remote computer device to decrypt data communication between the main extractable security piece 10 and its main computer device 38 even if it knows the public key of each.
  • Finally, through this secure channel, all passwords stored in [0048] MAIN PASSWORD AREA 50 can be used and securely transferred to PC PASSWORD AREA 66 on the main PC security area 12 and used as APPLICATION LOGON 70 for a normal logon. The remote computer device is then viewed as local equipment. At this step, the shared secret keys may be exchanged to build a secure communication channel between the main computer device 38 and the remote computer device that will then use less computing resources than a PKI communication.
  • Additionally, applications may work as already described with reference to FIG. 1, that is [0049] PKI APPLICATION 72 may use the key stored in APPLICATION PRIVATE KEY 54 with the help of PKI checkers that are not represented in FIG. 4 but which are present on each extractable security piece and each PC security area.

Claims (11)

We claim:
1. A Security system for preventing unauthorized use of a main computer device having an authorized user, comprising:
an extractable security piece which can be removed from the main computer device by the authorized user, wherein the extractable security piece includes an extractable main private key and a main PC public key;
a PC security area, which is a non-extractable part of said computer device, wherein said PC security area includes a PC private key and an extractable main public key that constitute a Public Key Infrastructure (PKI) with, respectively, the extractable main private key and the main PC public key; and
processing means in said extractable security piece and in said PC security area for mutual authentication of said extractable security piece and said PC security area after said extractable security piece, which had been previously removed from said PC security area, is reinserted in said PC security area to enable the authorized user to access data stored in said computer device.
2. The security system according to claim 1, wherein said extractable security piece and said PC security area each comprise a PKI checker for encrypting and authenticating data exchanged between said PC security area and said extractable security piece when said extractable security piece is reinserted in said main computer device.
3. The security system according to claim 1, wherein said extractable security piece includes a password that is used by said computer device and that is exchanged with a password included in said PC security area.
4. The security system according to claim 1, wherein said extractable security piece includes a keyboard key of said computer device.
5. The security system according to claim 1, wherein said extractable security piece includes an integrated mouse button.
6. The security system according to claim 1, wherein said extractable security piece includes a PCMCIA card.
7. A method for authorizing a main computer device having an authorized user to be used by a guest user, wherein said main computer device includes a main extractable security piece that includes an extractable main private key, a main PC public key, and a first processor, and a PC security area that includes an extractable main public key and a PC private key that constitute a Public Key Infrastructure (PKI) with said keys of a said extractable security piece and a second processor for exchanging authentication data with said first processor, said method comprising the steps of:
inserting said main extractable security piece into a location of said main computer device;
removing said main extractable security piece from said main computer device after said first and second processors have exchanged said authentication data; and
inserting into the location a guest extractable security piece of a guest computer of said guest user, wherein said guest extractable security piece includes the same functions and areas as said main extractable security piece.
8. The security method according to claim 7, wherein said main extractable security piece includes a shared private key which is transferred into a temporary key area of said PC security area when said main extractable security piece is inserted into said main computer device.
9. The security method according to claim 7, wherein said shared private key is transferred from said PC security area of said main computer device into said guest extractable security piece and the PC public key is transferred from said PC security area as a local PC public key into said guest extractable security piece when said main extractable security piece has been replaced by said guest extractable security piece in said computer device.
10. A security method for authorizing a main computer device having an authorized user to be used remotely from a remote computer device by said authorized user wherein said main computer device includes a main extractable security piece that includes an extractable main private key and a main PC Public key and a first processor, and a PC security area that includes an extractable main public key and a PC Private key that constitute a Public Key Infrastructure with said keys of said extractable security piece and a second processor for exchanging authentication data with said first processor, said method comprising the step of inserting said main extractable security piece into said remote computer device so that an extractable main public key is transferred from said main extractable security piece into a temporary key area within a remote PC security area of said remote computer device in order for said remote computer device to verify that said extractable main public key corresponds to said authorized user.
11. The security method according to claim 10, wherein a PC public key included in said remote PC security area of said remote computer device is transferred as a local PC public key into said main extractable security piece of said main computer device so that security communications may be established between said main extractable security piece and said remote PC security area.
US10/250,722 2001-01-11 2002-01-11 Security system for preventing a personal computer from being used by an unauthorized people Expired - Lifetime US7228430B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP01480003.1 2001-01-11
EP01480003 2001-01-11
PCT/EP2002/000216 WO2002056155A2 (en) 2001-01-11 2002-01-11 Security system for preventing a personal computer from being used by unauthorized people

Publications (2)

Publication Number Publication Date
US20040059919A1 true US20040059919A1 (en) 2004-03-25
US7228430B2 US7228430B2 (en) 2007-06-05

Family

ID=8183377

Family Applications (1)

Application Number Title Priority Date Filing Date
US10/250,722 Expired - Lifetime US7228430B2 (en) 2001-01-11 2002-01-11 Security system for preventing a personal computer from being used by an unauthorized people

Country Status (8)

Country Link
US (1) US7228430B2 (en)
EP (1) EP1379930B1 (en)
JP (2) JP3793506B2 (en)
KR (1) KR20020060572A (en)
CN (1) CN1261841C (en)
AT (1) ATE465461T1 (en)
DE (1) DE60236075D1 (en)
WO (1) WO2002056155A2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103617388A (en) * 2013-12-11 2014-03-05 长城信息产业股份有限公司 Implementation method for secure operating system with process credibility authentication
US8913749B2 (en) 2011-07-15 2014-12-16 Yokogawa Electric Corporation Wireless communication apparatus and method of preventing leakage of encrypted key
CN104331657A (en) * 2014-09-29 2015-02-04 飞天诚信科技股份有限公司 Java card realization method supporting digital signature
EP2506467A3 (en) * 2005-09-05 2015-03-25 Yamaha Corporation Digital mixer

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040009394A (en) * 2002-07-23 2004-01-31 신동현 Information secure system with PKI technology
FR2862397A1 (en) * 2003-11-13 2005-05-20 St Microelectronics Sa Electronic apparatus booting method, involves extending secure domain to application processor, when application and boot-strap processors are authenticated, and booting operating system of processors to store data in protected part of RAM
JP4420201B2 (en) 2004-02-27 2010-02-24 インターナショナル・ビジネス・マシーンズ・コーポレーション Authentication method using hardware token, hardware token, computer apparatus, and program
US20060242406A1 (en) 2005-04-22 2006-10-26 Microsoft Corporation Protected computing environment
US8347078B2 (en) 2004-10-18 2013-01-01 Microsoft Corporation Device certificate individualization
US8336085B2 (en) 2004-11-15 2012-12-18 Microsoft Corporation Tuning product policy using observed evidence of customer behavior
US7770205B2 (en) 2005-01-19 2010-08-03 Microsoft Corporation Binding a device to a computer
US9363481B2 (en) 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
US9436804B2 (en) 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan
KR100704627B1 (en) * 2005-04-25 2007-04-09 삼성전자주식회사 Apparatus and method for security service
US20060288209A1 (en) * 2005-06-20 2006-12-21 Vogler Dean H Method and apparatus for secure inter-processor communications
EP1899886A2 (en) * 2005-06-29 2008-03-19 Nxp B.V. Security system and method for securing the integrity of at least one arrangement comprising multiple devices
KR101185595B1 (en) * 2005-09-30 2012-09-24 삼성전자주식회사 Apparatus and method for executing security function using smart card
CN101482903B (en) * 2008-01-09 2010-09-29 联想(北京)有限公司 Hardware security unit
JP4965512B2 (en) * 2008-06-02 2012-07-04 株式会社バッファロー Authentication system, information processing device, storage device, authentication method and program thereof
WO2010038913A1 (en) * 2008-10-02 2010-04-08 Softcamp Co., Ltd Preservation method about data in ie memory altered without leave
WO2013117404A1 (en) * 2012-02-07 2013-08-15 Bundesdruckerei Gmbh Method for personalizing a security module for a smart meter or smart meter gateway
CN102801730B (en) * 2012-08-16 2015-01-28 厦门市美亚柏科信息股份有限公司 Information protection method and device for communication and portable devices
US9633210B2 (en) 2013-09-13 2017-04-25 Microsoft Technology Licensing, Llc Keying infrastructure
US10097513B2 (en) 2014-09-14 2018-10-09 Microsoft Technology Licensing, Llc Trusted execution environment extensible computing device interface
CN116244757A (en) * 2023-03-15 2023-06-09 武汉天楚云计算有限公司 Computer equipment monitoring alarm method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5406261A (en) * 1993-01-11 1995-04-11 Glenn; James T. Computer security apparatus and method
US5566226A (en) * 1994-05-31 1996-10-15 Nec Corporation Portable telephone apparatus which can be connected to an external apparatus without using an adapter
US20010005682A1 (en) * 1999-12-27 2001-06-28 Masayuki Terao Communication device, communication device set, authentication method and method of wireless-connecting terminals
US6779115B1 (en) * 2000-02-18 2004-08-17 Digital5, Inc. Portable device using a smart card to receive and decrypt digital data

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2653914A1 (en) * 1989-10-27 1991-05-03 Trt Telecom Radio Electr SYSTEM FOR AUTHENTICATING A MICROCIRCUIT CARD BY A PERSONAL MICROCOMPUTER, AND METHOD FOR ITS IMPLEMENTATION
US5224163A (en) * 1990-09-28 1993-06-29 Digital Equipment Corporation Method for delegating authorization from one entity to another through the use of session encryption keys
NL9101594A (en) * 1991-09-20 1993-04-16 Tres Automatisering B V COMPUTER SYSTEM WITH SECURITY.
JPH06149404A (en) 1992-11-16 1994-05-27 Akuseru:Kk Keyboard unit for personal computer
US5402492A (en) * 1993-06-18 1995-03-28 Ast Research, Inc. Security system for a stand-alone computer
KR100319838B1 (en) 1995-08-10 2002-04-22 윤종용 Personal computer with security device, security method thereof, and installation and removal method of the security device
JP3272213B2 (en) * 1995-10-02 2002-04-08 インターナショナル・ビジネス・マシーンズ・コーポレーション Authentication method for IC card and information processing device
US5784463A (en) * 1996-12-04 1998-07-21 V-One Corporation Token distribution, registration, and dynamic configuration of user entitlement for an application level security system and method
US5887131A (en) * 1996-12-31 1999-03-23 Compaq Computer Corporation Method for controlling access to a computer system by utilizing an external device containing a hash value representation of a user password
JPH11205308A (en) * 1997-10-29 1999-07-30 Hitachi Ltd Authentication method and information system
DE29719395U1 (en) * 1997-11-03 1998-02-19 Baier Martin PC mouse with optical interface
JP2000057305A (en) 1998-08-07 2000-02-25 Dainippon Printing Co Ltd Ic card and password changing method
JP3293784B2 (en) 1998-12-01 2002-06-17 群馬日本電気株式会社 Personal information storage device and authentication device
JP4219561B2 (en) 1999-03-05 2009-02-04 ヒューレット・パッカード・カンパニー Smart card user interface for trusted computing platforms
GB9914798D0 (en) 1999-06-25 1999-08-25 Morris Michael Ensure

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5406261A (en) * 1993-01-11 1995-04-11 Glenn; James T. Computer security apparatus and method
US5566226A (en) * 1994-05-31 1996-10-15 Nec Corporation Portable telephone apparatus which can be connected to an external apparatus without using an adapter
US20010005682A1 (en) * 1999-12-27 2001-06-28 Masayuki Terao Communication device, communication device set, authentication method and method of wireless-connecting terminals
US6779115B1 (en) * 2000-02-18 2004-08-17 Digital5, Inc. Portable device using a smart card to receive and decrypt digital data

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2506467A3 (en) * 2005-09-05 2015-03-25 Yamaha Corporation Digital mixer
US8913749B2 (en) 2011-07-15 2014-12-16 Yokogawa Electric Corporation Wireless communication apparatus and method of preventing leakage of encrypted key
CN103617388A (en) * 2013-12-11 2014-03-05 长城信息产业股份有限公司 Implementation method for secure operating system with process credibility authentication
CN104331657A (en) * 2014-09-29 2015-02-04 飞天诚信科技股份有限公司 Java card realization method supporting digital signature

Also Published As

Publication number Publication date
DE60236075D1 (en) 2010-06-02
EP1379930B1 (en) 2010-04-21
WO2002056155A3 (en) 2003-10-16
KR20020060572A (en) 2002-07-18
ATE465461T1 (en) 2010-05-15
JP2004530316A (en) 2004-09-30
JP4486023B2 (en) 2010-06-23
WO2002056155A2 (en) 2002-07-18
JP2006120168A (en) 2006-05-11
CN1261841C (en) 2006-06-28
JP3793506B2 (en) 2006-07-05
CN1537261A (en) 2004-10-13
EP1379930A2 (en) 2004-01-14
US7228430B2 (en) 2007-06-05

Similar Documents

Publication Publication Date Title
US7228430B2 (en) Security system for preventing a personal computer from being used by an unauthorized people
US6138239A (en) Method and system for authenticating and utilizing secure resources in a computer system
RU2147790C1 (en) Method for transferring software license to hardware unit
CA2341784C (en) Method to deploy a pki transaction in a web browser
US6230272B1 (en) System and method for protecting a multipurpose data string used for both decrypting data and for authenticating a user
CN104798083B (en) For the method and system of authentication-access request
US7155616B1 (en) Computer network comprising network authentication facilities implemented in a disk drive
EP1161715B1 (en) Communications between modules of a computing apparatus
JP2004508619A (en) Trusted device
US20060129824A1 (en) Systems, methods, and media for accessing TPM keys
JP2004513420A (en) Method and apparatus for leveled security access control
CN112425114A (en) Password manager protected by public-private key pair
KR20010052105A (en) Cryptographic key generation using biometric data
WO2008035413A1 (en) Information processor and information management method
JP6751545B1 (en) Electronic signature system and anti-tamper device
WO2021111824A1 (en) Electronic signature system and tamper-proof device
US7073062B2 (en) Method and apparatus to mutually authentication software modules
JPH10336172A (en) Managing method of public key for electronic authentication
US12034716B2 (en) Exclusive self-escrow method and apparatus
KR20030033863A (en) The method and system of multistage user certification using active user-certifiable card of USB module type
JP2021111925A (en) Electronic signature system
JP2006074487A (en) Authentication managing method and authentication management system
Millman Authentication and Authorization
JP2004021591A (en) Management device and authentication device
Zhang et al. Enhance Opensst Protocol's Security with Smart Card.

Legal Events

Date Code Title Description
AS Assignment

Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BENAYOUN, ALAIN;FIESCHI, JACQUES;LE PENNEC, JEAN-FRANCOIS;AND OTHERS;REEL/FRAME:014642/0849;SIGNING DATES FROM 20030715 TO 20030728

AS Assignment

Owner name: LENOVO (SINGAPORE) PTE LTD.,SINGAPORE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTERNATIONAL BUSINESS MACHINES CORPORATION;REEL/FRAME:016891/0507

Effective date: 20050520

Owner name: LENOVO (SINGAPORE) PTE LTD., SINGAPORE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTERNATIONAL BUSINESS MACHINES CORPORATION;REEL/FRAME:016891/0507

Effective date: 20050520

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

AS Assignment

Owner name: LENOVO PC INTERNATIONAL, HONG KONG

Free format text: NUNC PRO TUNC ASSIGNMENT;ASSIGNOR:LENOVO (SINGAPORE) PTE LTD.;REEL/FRAME:037160/0001

Effective date: 20130401

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 12